Primary

Context

Android Address Space Layout Randomization Bypass Vulnerability Allowing Local Privilege Escalation

Vulnerability

A vulnerability exists in multiple functions of Parcel.cpp, where it may be possible to bypass address space layout randomization (ASLR). This bypass could lead to local privilege escalation, as no additional execution privileges are required for exploitation. User interaction is also not necessary.

Impact

Exploitation of this vulnerability could result in unauthorized access to elevated privileges, allowing a user to perform actions or access resources that are normally restricted.

Remediation

Users can update their devices to the July 2018 security patch level to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.7

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Android Address Space Layout Randomization Bypass Vulnerability Allowing Local Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating